Tag Archives: endpoint

Which two statements are FALSE about creating a metadata-only clone with a private endpoint network access

Which two statements are FALSE about creating a metadata-only clone with a private endpoint network access option? A. Current settings for ACLs are cloned. B. Clone can be in a different region. C. All OML notebooks are cloned. D. All underlying data for OML notebooks is cloned. E. All resource management rules are cloned. Correct Answer: B,D https://docs.oracle.com/en/cloud/paas/autonomous-database/adbsa/autonomous-clone-notes.html#GUID-F943E7FF-8DEB-47F4-84C0-FFA5BAF9D5A9

In a Cisco SD-Access wireless architecture, which device manages endpoint ID to edge node bindings?

A. fabric control plane node B. fabric wireless controller C. fabric border node D. fabric edge node Answer: Option A. Explanation: No answer description available for this question Show AnswerDiscussion The post In a Cisco SD-Access wireless architecture, which device manages endpoint ID to edge node bindings? appeared first on Majanto.

A network administrator must configure endpoints using an 802.1X authentication method with EAP identity certificates that are provided by the Cisco ISE. When the endpoint presents the identity certificate to Cisco ISE to validate the certificate, endpoints must be authorized to connect to the network. Which EAP type must be configured by the network administrator to complete this task?

A. EAP-TTLS B. EAP-TLS C. EAP-FAST D. EAP-PEAP-MSCHAPv2 Answer: Option B. Explanation: Reference: https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/214975configure-eap-tls- authentication-with-is.html Show AnswerDiscussion The post A network administrator must configure endpoints using an 802.1X authentication method with EAP identity certificates that are provided by the Cisco ISE. When the endpoint presents the identity certificate to Cisco ISE to validate the certificate, endpoints must be… Read More »

Which switch configuration change will allow only one voice and one data endpoint on each port? interface GigabitEthernetl/O/1 authentication host-mode multi-auth authentication post-control auto mab dotlx pae authenticator

A. auto to manual B. mab to dot1x C. multi-auth to multi-domain D. multi-auth to single-auth Answer: Option C. Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-6/ configuration_guide/sec/b_166_sec_9300_cg/configuring_ieee_802_1x_port_based_authentication.html Show AnswerDiscussion The post Which switch configuration change will allow only one voice and one data endpoint on each port? interface GigabitEthernetl/O/1 authentication host-mode multi-auth authentication post-control auto mab dotlx pae authenticator appeared first on… Read More »

A Cisco ISE administrator needs to ensure that guest endpoint registrations are only valid for 1 day. When testing the guest policy flow, the administrator sees that the Cisco ISE does not delete the endpoint in the GuestEndpoints identity store after 1 day and allows access to the guest network after that period. Which configuration is causing this problem?

A. The Guest Account Purge Policy is set to 15 days. B. The length of access is set to 7 days in the Guest Portal Settings. C. The Endpoint Purge Policy is set to 30 days for guest devices. D. The RADIUS policy set for guest access is set to allow repeated authentication of the same device. Answer:… Read More »

A network administrator is setting up wireless guest access and has been unsuccessful in testing client access. The endpoint is able to connect to the SSID but is unable to gain access to the guest network through the guest portal. What must be done to identify the problem?

A. Use traceroute to ensure connectivity. B. Use context visibility to verify posture status. C. Use the identity group to validate the authorization rules. D. Use the endpoint ID to execute a session trace. Answer: Option D. Explanation: Reference: https://www.cisco.com/c/en/us/td/docs/security/ise/1-3/admin_guide/b_ise_admin_guide_13/b_ise_admin_guide_sample_chapter_011001.html#concept_87916A77E87745 Show AnswerDiscussion The post A network administrator is setting up wireless guest access and has been unsuccessful in… Read More »

An administrator is troubleshooting an endpoint that is supposed to bypass 802.1X and use MAB. The endpoint is bypassing 802.1X and successfully getting network access using MAB, however the endpoint cannot communicate because it cannot obtain an IP address. What is the problem?

A. The endpoint is using the wrong protocol to authenticate with Cisco ISE. B. The 802.1X timeout period is too long. C. The DHCP probe for Cisco ISE is not working as expected. D. An ACL on the port is blocking HTTP traffic. Answer: Option B. Explanation: No answer description available for this question Show AnswerDiscussion The post… Read More »

Which default endpoint identity group does an endpoint that does not match any profile in Cisco ISE become a member of?

A. block list B. unknown C. allow list D. profiled E. endpoint Answer: Option B. Explanation: Reference: https://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_man_identities.html Show AnswerDiscussion The post Which default endpoint identity group does an endpoint that does not match any profile in Cisco ISE become a member of? appeared first on Majanto.

Which two events trigger a CoA for an endpoint when CoA is enabled globally for ReAuth? (Choose two.)

A. addition of endpoint to My Devices Portal B. endpoint marked as lost in My Devices Portal C. updating of endpoint dACL D. endpoint profile transition from Apple-device to Apple-iPhone E. endpoint profile transition from Unknown to Windows10-Workstation Answer: Option D, E. Explanation: No answer description available for this question Show AnswerDiscussion The post Which two events trigger… Read More »

Which three default endpoint identity groups does Cisco ISE create? (Choose three.)

A. endpoint B. unknown C. block list D. profiled E. allow list Answer: Option B, C, D. Explanation: Reference: https://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_man_identities.html#wp1203054 Show AnswerDiscussion The post Which three default endpoint identity groups does Cisco ISE create? (Choose three.) appeared first on Majanto.